Information Security Officers and Analysts are often called upon to conduct investigations into employee actions. Internal data leaks, violations of acceptable use policies, rogue devices, unauthorized software, and countless other kinds of suspected insider offenses pull information security practitioners into the role of investigator.

Too often, organizations fail to prepare for and effectively manage internal investigations. Taking an ad-hoc approach to investigations and failing to bring the right skills and tools to the job will lead to ineffective investigations that ultimately increase, rather than mitigate, organizational risk.

This presentation will introduce the concepts and benefits of computer forensics, lay out basic principles for establishing an effective internal investigative function, and discuss organizational and political issues confronting information security practitioners who find themselves investigating their coworkers.

About Me

Thanks for visiting my blog. I'm an information security analyst and computer forensic examiner with experience in a variety of industries. I hold the CISSP, CISM, C|EH, CCE, and C|HFI certifications and an MBA. I live and work in Columbia, MO.